<%@ page contentType="text/html; charset=utf-8" language="java" import="java.sql.*" errorPage="" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
        <title>Checking Username and Password</title>
    </head>
    <body>
        <%    // Grab the username and password form the login page
        String uname = request.getParameter("username");
        String pass = request.getParameter("password");
        String passwd="dibeshis";
        session.setAttribute("userName",uname);
        %>
        
        <%  //connect to database and set the emp_id to the session
        String query="select password from login"+" where username='"+uname+"'";
        Connection db_conn = null;
        Statement statement = null;
        PreparedStatement pstmt;
        ResultSet rs;
        try{
            Class.forName("com.mysql.jdbc.Driver");
            String url= "jdbc:mysql://localhost:3306/db";
            db_conn = DriverManager.getConnection( url,"root", "root" );
            statement = db_conn.createStatement();
            //rs=statement.executeUpdate(query);
            rs=statement.executeQuery(query);
            while (rs.next()) { // parse the results
                passwd=rs.getString("password");
            }
            db_conn.close();
        } catch(SQLException e){
            e.printStackTrace();
            out.println("sql not found");
            out.println(e);
        } catch(ClassNotFoundException e){
            e.printStackTrace();
            out.println(e);
        }
        %>
        <% if(pass.equals(passwd)&& !uname.equals("admin")){ %>
        <jsp:forward page="user.jsp" >
            <jsp:param name="pageid" value="default" />
            <jsp:param name="tid" value="0" />
        </jsp:forward>    
        <% }else if(pass.equals(passwd)){ %>
        <jsp:forward page="admin.jsp" >
            <jsp:param name="pageid" value="default" />
            <jsp:param name="tid" value="0" />
        </jsp:forward>
        
        <% }else { %> 
        
        <% } %>
    </body>
</html>
